Описание
The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Release NotesVendor Advisory
- Vendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Release NotesVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:basic_webmail_project:basic_webmail:6.x-1.0:*:*:*:*:drupal:*:*
cpe:2.3:a:basic_webmail_project:basic_webmail:6.x-1.1:*:*:*:*:drupal:*:*
cpe:2.3:a:basic_webmail_project:basic_webmail:6.x-1.x:dev:*:*:*:drupal:*:*
EPSS
Процентиль: 48%
0.0025
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
почти 4 года назад
The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses.
EPSS
Процентиль: 48%
0.0025
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200